﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace Site.Secure
{
    public partial class AddPhone : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {

        }

        protected void Button1_Click(object sender, EventArgs e)
        {
            try
            {
                if (Session["userType"].ToString() == "admin" || Session["userType"].ToString() == "root") //If the current user is a admin allow them to continue
                {
                    if (edtMake.Text.Length > 4 && edtModel.Text.Length > 0 && edtIMEI.Text.Length == 15 && edtModel.Text.Length > 0)
                    {
                        SqlDataSource1.InsertCommand = "INSERT INTO Phones (Make, Model, IMEI, PID, PhoneNumber) VALUES (@Make, @Model, @IMEI, @PID, @PhoneNumber)";
                        SqlDataSource1.InsertParameters.Add("Make", edtMake.Text);
                        SqlDataSource1.InsertParameters.Add("Model", edtModel.Text);
                        SqlDataSource1.InsertParameters.Add("IMEI", edtIMEI.Text);
                        SqlDataSource1.InsertParameters.Add("PhoneNumber", edtNumber.Text);
                        SqlDataSource1.InsertParameters.Add("PID", edtNumber.Text.Substring(0, 6) + edtMake.Text.Substring(0, 4));
                        SqlDataSource1.Insert();
                        Response.Redirect("Default.aspx?OperationStatus=" + "Adding Phone Complete, Phone ID is'" + edtNumber.Text.Substring(0, 6) + edtMake.Text.Substring(0, 4)  + "'");
                    }
                    else
                    {
                        System.Web.HttpContext.Current.Response.Write("<SCRIPT LANGUAGE='JavaScript'>alert('You have inserted an invalid value. Please review your entry and retry.')</SCRIPT>");
                    }

                }
                else
                {
                    System.Web.HttpContext.Current.Response.Write("<SCRIPT LANGUAGE='JavaScript'>alert('You are not allowed to add users, please login with an account that has full root access')</SCRIPT>");
                }
            }
            catch (NullReferenceException ex)
            {
                //If you get here it means that Session == NULL, requires user to re-login
                System.Web.HttpContext.Current.Response.Write("<SCRIPT LANGUAGE='JavaScript'>alert(Your session has expired, this means that you can not perform any root tasks on this website. Please login again or restart your browser and navigate back to this page.')</SCRIPT>");
            }
        }
    }
}